From 477239e6348d5f232afe3547825a066b691cd358 Mon Sep 17 00:00:00 2001
From: tobias
Date: Thu, 23 Sep 2021 18:46:25 +0000
Subject: [PATCH] Remove wpath from secure mode pledge. Upstream removed history file support for secure mode. The history file feature is off by default already, disallowing it altogether in secure mode allows us to drop wpath. Added a note about it to manual page. ok benno, deraadt
---
 usr.bin/less/cmdbuf.c | 5 +++++
 usr.bin/less/less.1 | 6 ++++--
 usr.bin/less/main.c | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/usr.bin/less/cmdbuf.c b/usr.bin/less/cmdbuf.c
index 0aaa1f0686d..5bd9d380575 100644
--- a/usr.bin/less/cmdbuf.c
+++ b/usr.bin/less/cmdbuf.c
@@ -20,6 +20,7 @@
 #include "cmd.h"
 #include "less.h"
+extern int secure;
 extern int sc_width;
 extern int utf_mode;
@@ -1203,6 +1204,8 @@ init_cmdhist(void)
 FILE *f;
 char *p;
+ if (secure)
+ return;
 filename = histfile_name();
 if (filename == NULL)
 return;
@@ -1274,6 +1277,8 @@ save_cmdhist(void)
 struct stat statbuf;
 int r;
+ if (secure)
+ return;
 if (mlist_search.modified)
 modified = 1;
 if (mlist_shell.modified)
diff --git a/usr.bin/less/less.1 b/usr.bin/less/less.1
index 5a52be5da07..1bd97df8ddf 100644
--- a/usr.bin/less/less.1
+++ b/usr.bin/less/less.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: less.1,v 1.57 2019/09/02 14:07:45 schwarze Exp $
+.\" $OpenBSD: less.1,v 1.58 2021/09/23 18:46:25 tobias Exp $
 .\"
 .\" Copyright (C) 1984-2012 Mark Nudelman
 .\"
@@ -23,7 +23,7 @@
 .\" OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 .\" IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 2 2019 $
+.Dd $Mdocdate: September 23 2021 $
 .Dt LESS 1
 .Os
 .Sh NAME
@@ -1697,6 +1697,8 @@ Use of lesskey files.
 .It Fl t
 Use of tags files.
 .It " "
+Use of history file.
+.It " "
 Metacharacters in filenames, such as "*".
 .It " "
 Filename completion (TAB, ^L).
diff --git a/usr.bin/less/main.c b/usr.bin/less/main.c
index 9820eb5903f..ddc9b3c4172 100644
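Review bot: The `if (secure) return;` guard added at the top of init_cmdhist() in usr.bin/less/cmdbuf.c carries no comment, and neither does the identical guard in save_cmdhist() (the @@ -1274 hunk). Only the save path looks like what allows `wpath` to be dropped; loading the history presumably needs just `rpath`, which stays pledged, so the guard in init_cmdhist() is a policy choice that a later cleanup could mistake for dead code. I would put `/* secure mode: the history file is neither read nor written */` above both guards. Both function bodies continue outside their hunks, so what follows the guards is not visible here.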
--- a/usr.bin/less/main.c
+++ b/usr.bin/less/main.c
@@ -91,7 +91,7 @@ main(int argc, char *argv[])
 secure = 1;
 if (secure) {
- if (pledge("stdio rpath wpath tty", NULL) == -1) {
+ if (pledge("stdio rpath tty", NULL) == -1) {
 perror("pledge");
 exit(1);
 }
--
2.20.1
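Review bot: The narrowed promise string in main(), `pledge("stdio rpath tty", NULL)`, depends on no code path opening a file for writing once `secure` is set, and nothing at the call site records that invariant. This commit gates save_cmdhist(); whether every other write path (log files, for instance) is already refused in secure mode cannot be confirmed from this hunk, and a missed one would now end in a pledge violation rather than an ordinary error message. I would add a comment above the call such as `/* no wpath: secure mode must never open a file for writing */`. main() starts before and continues past the hunk.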